Thread: Thwart Traffic shaping especially forged RST....is UDP a solution?



Replies: 20 - Pages: 1 - Last Post: Dec 10, 2009 9:19 PM - Last Post By: treefrog21
ezguy

Posts: 8
Registered: 07/03/08
Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 2, 2008 8:52 PM
I noticed RC4-160 (UDP) peer connections stand out from the rest in terms of speed; I believe this is due to the fact that the ISP's RST injection does not affect UDP connections.

Does it make sense for Azureus to include an option for users to enable/force UDP connections to overcome this? I believe if this option is available, my speed will increase 5 to 10 fold.

Any thoughts?

cheers!
The 8472

Posts: 2,169
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 3, 2008 5:50 AM   in response to: ezguy
While this may indeed overcome various forms of traffic shaping, it is not compatible with other clients and not very efficient, so it's not a good idea to force this type of connection. Az already attempts to fall back to UDP transports automatically when it is deemed necessary.
amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 3, 2008 8:14 AM   in response to: The 8472
We've had this conversation before, but... do we always try a UDP fallback connection every time a peer disconnects? What causes us to permanently fall back to UDP and not retry TCP again?
The 8472

Posts: 2,169
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 3, 2008 8:44 AM   in response to: amc1
it's either used as fallback during seeding or when the peer count on the torrent is low iirc. a never-TCP-mode does not exist since slow download is better than no download.
ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 3, 2008 11:21 PM   in response to: The 8472
Hi Guys,

1. As of v3.1.1.0, under what circumstances is a UDP peer connection established? From what I see, 1 out of 100 perhaps. Is UDP used as a final option when everything else fails? I am just curious how it works.

2. It would be great if there is an option say e.g. ...

Options->Transport->UDP
[x] Require UDP Transport
[ ] Allow non-UDP outgoing connections if UDP connection attempt fails
[ ] Allow non-UDP incoming connections

Let's just say it's implemented: if I am the initiating peer requesting a UDP connection, but the target peer did not [x] Require UDP Transport, would the target peer oblige and switch to UDP to establish the connection?

In summary, by default it's business as usual unless users consciously decide to give priority to or force UDP connections. I would like to think that this perhaps should be implemented in the same spirit as 'Transport Encryption'.

I believe that even though TCP is more efficient, robust and preferable under normal circumstances, it's worthwhile to have an option to opt for UDP knowing this fact.

I think most users wouldn't care if it's TCP or UDP as long as whatever protocol is used can boost their speed significantly.

You guys are great!

cheers!

Edited by: ezguy on Jul 3, 2008 11:26 PM

Edited by: ezguy on Jul 3, 2008 11:57 PM

amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 4, 2008 5:52 AM   in response to: ezguy
I'm not sure whether I necessarily agree that having UDP configuration options available is the best thing... But I do think that we might want to consider being a bit more proactive with falling back to try UDP connections. If we could determine that TCP connections keep breaking, then we could fall back to UDP?
ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 4, 2008 10:31 AM   in response to: amc1
Hi,

Yeah it would be great if Az can 'try harder' to switch to UDP if it 'feels' that the connection is 'tampered' with. Well I really hope to see the UDP configuration option being implemented as well though. My ISP is quite aggressively spraying RST, on average about 35% based on AZ's Network Status Monitor.

Initially... after enabling encryption, it fixed the problem... but not for long. Now it seems that even with encryption they can still shape the traffic; I guess they now have smarter hardware to do more in-depth analysis to figure it out. The only time I see an upward spike in speed is when I get connected to an RC4-160 (UDP) peer; that's when I realised RST is for TCP and UDP is spared, and hence I started this thread.

It's also difficult to connect to trackers, but using TOR via SOCKS for tracker communication solved that. This is an endless battle :-(

I am almost down on my knees....please please please give us the smart UDP retry & configuration option. :-)

Thank you.

cheers!

coco

Posts: 36
Registered: 05/16/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 8, 2008 2:24 AM   in response to: ezguy
why not a "new" far more aggressive encryption protocol?

client http header send to tracker:

Host: tracker.hehe.com

GET /announce.php?passkey=blablabla&&peer_id=-AZ3111&&requirecrypto=1&port=8227&azudp=8227&uploaded=0&downloaded=0&left=0&corrupt=0&event=started&numwant=100&no_peer_id=1&compact=1&key=A4KR2ab8&azver=3
or
GET /http://tracker.hehehe.com:80/scrape.php?passkey=blablabla&info_hash=blablabla&info_hash=blablabla...

User-Agent: Azureus 3.1.1.1

Accept-Encoding: gzip

goes something like:

Host: <ip4/6>

GET http://o87q35bvjhy8...fully encrypted...346fbv73jh4xs7
or
GET http://3f56gkth3f5g...fully encrypted...234g876dasd7df

User-Agent: camouflaged as mozilla browser (or your choice!)*

Accept-Encoding: as above!


the same applied to client-client torrent traffic!

* the tracker will have to dig out the user agent from the encrypted stream.


if a "security-cookie" is baked into the encrypted stream and all answers must answer with the proper hash....
tampering with the stream will be very hard (of course we should reorder individual blocks "&azudp=8227" etc. within the stream, client chooses the order at start!?)
any isp that tries will shoot himself in the foot, it's just gonna be more traffic...

amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 8, 2008 8:31 AM   in response to: coco
coco - you're confusing tracker communication with peer communication (which is what we're talking about here).
coco

Posts: 36
Registered: 05/16/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 8, 2008 2:50 PM   in response to: amc1
nono! i want fully encrypted traffic for both tracker and peer communications...

i live in sweden where we're soon gonna have FRA http://www.fra.se/english.shtml

full bugging of whatever passes sweden's borders... both radio and net!

ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 10, 2008 4:30 AM   in response to: amc1
I noticed that even if I use TOR for tracker communication and force AZ to use only encrypted transport for both incoming and outgoing peer connections, my RST% is still very high.

But if I use a VPN to bypass the ISP, my RST% drops significantly and my download speed quadruples.

I am just wondering how in the world does my ISP know it's BitTorrent traffic and therefore choke my speed via RST? Any idea?

Could it be that the ISP is 'guessing'? i.e. many connections out and many connections in, high traffic sustained for a long period, usage history. If this is how they analyze, determine and then choke (inject RST), I guess there's nothing much we can do about it? UNLESS we use UDP? lol
amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 10, 2008 7:31 AM   in response to: ezguy
> I am just wondering how in the world does my ISP know it's BitTorrent traffic and therefore choke my speed via RST? Any idea?

It's probably related to the vast number of connections that you're making.

Also - it's quite possible that your VPN is running over UDP anyway.

I haven't forgotten about your UDP request - I'll see what other devs think about it.
amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 10, 2008 2:19 PM   in response to: amc1
You can thank parg (one of the devs) for this... in the next beta, there's a "prefer UDP connections" option in the Connection section. Try it and see how it works for you...
ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 11, 2008 3:45 AM   in response to: amc1
OMG, dude u serious????? I am so happy I can't sleep tonight man! Thanks a lot guys!!!!!

Looking forward to the next beta and I will post the result here as soon as I can get my hands on it and test drive it!!

Thanks again! You guys are great!!!! Special thanks to 'amc1' and 'parg' !

cheers!

amc1


Posts: 1,170
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 11, 2008 4:25 AM   in response to: ezguy
No need to thank me - I just passed the message on. :)
BillyGates

Posts: 14
Registered: 03/25/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 22, 2008 12:51 AM   in response to: amc1
Another solution for thwarting RSTs is to drop them in the application, as specified here. :)

http://wakarimasu.googlepages.com/windows

I've been using IPFW to drop RSTs for a few weeks now and have noticed big improvements in my download speeds from other customers. Unfortunately, optimally both sides need to drop the RSTs, but just my side dropping has improved things.

I've also locked down my outbound TCP port (Bind to local port) to a single port and drop all RSTs to this and my incoming port and haven't had any problems!

Dangling half-open connections eventually time out...

So as a feature request, another option is to add RST dropping into Azureus/Vuze.

Thanks! :)
The 8472

Posts: 2,169
Registered: 11/13/07
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 22, 2008 2:11 AM   in response to: BillyGates
dropping RST packets is done on the operating system level, not on the application level, hence we cannot provide such an option.
ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 22, 2008 4:29 AM   in response to: BillyGates
From what I understand 'they' send RST both ways. So if we drop the RST at our end, our peer will still receive RST. If that's the case I don't see how it can improve the situation. Just curious, nevertheless I will try out IPFW and see how it works for me.

Thanks for the suggestion.

cheers!
BillyGates

Posts: 14
Registered: 03/25/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Jul 22, 2008 7:03 AM   in response to: ezguy
Thanks 8472... I was afraid of that... :(

FYI, I'm not an IPFW expert, but the rules I have set up (with 50000 listening, 50001 outgoing 'bind to IP') are below and seem to work well.

The interesting thing this does is easily let you see in the log files that are created which IPs are sending RSTs. I haven't seen a good posting clearly documenting how Sandvine works so there's a lot of guessing about what's going on. It definitely seems to help me download from Comcast customers and I no longer see peers drop out and come back within a few seconds like before.

(FYI, I run this on XP SP2 with Kerio/Sunbelt Firewall at the same time with no problems)

Config:
# First flush the firewall rules
-f flush

# Localhost rules
add 100 allow all from any to any via lo*

# Prevent any traffic to 127.0.0.1, common in localhost spoofing
#add 110 deny log all from any to 127.0.0.0/8 in
#add 110 deny log all from 127.0.0.0/8 to any in

# Drop and log inbound TCP RSTs to the listening port (50000) and the bound outgoing port (50001)
add deny log tcp from any to me 50000 tcpflags rst
add deny log tcp from any to me 50001 tcpflags rst

# Testing rules, to find ports used by services if we aren't sure. These rules allow ALL traffic to pass through the firewall, disabling any subsequent rules
#add 140 allow log logamount 500 tcp from any to any
#add 150 allow log logamount 500 udp from any to any

add check-state
add pass all from me to any out keep-state
#add count log ip from any to any
add count ip from any to any

add pass tcp from any to any 50000
add pass udp from any to any 50000

# Allow VNC
add pass tcp from any to any 5555

# Allow Microsoft SMB file sharing
add pass tcp from any to me 135-139
add pass udp from any to me 135-139

# Allow direct-hosted SMB w/out NetBIOS
add pass tcp from any to me 445
add pass udp from any to me 445
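
The log review described in the post above, as an added example (not part of the original post and not IPFW's own tooling): a tally of dropped inbound RSTs per source address and per local port. The log lines are constructed and assume the FreeBSD-style ipfw syslog layout with auto-assigned rule numbers 200 and 300 for the two RST rules; the Windows port's log format may differ.

```python
import re
from collections import Counter

# Constructed sample log (assumed FreeBSD-style ipfw syslog layout).
# Addresses are from the documentation ranges, not real peers.
SAMPLE_LOG = """\
Jul 22 07:01:12 host kernel: ipfw: 200 Deny TCP 203.0.113.7:51413 192.0.2.10:50000 in via em0
Jul 22 07:01:12 host kernel: ipfw: 200 Deny TCP 203.0.113.7:51413 192.0.2.10:50000 in via em0
Jul 22 07:01:15 host kernel: ipfw: 300 Deny TCP 198.51.100.23:6881 192.0.2.10:50001 in via em0
Jul 22 07:01:19 host kernel: ipfw: 200 Deny TCP 203.0.113.7:51413 192.0.2.10:50000 in via em0
Jul 22 07:02:01 host kernel: ipfw: 900 Deny TCP 198.51.100.99:40000 192.0.2.10:445 in via em0
Jul 22 07:02:03 host kernel: ipfw: 800 Accept TCP 198.51.100.50:6881 192.0.2.10:50000 in via em0
truncated or unrelated line that must be skipped
"""

LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>\w+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) (?P<dir>in|out)"
)

# Ports covered by the two "tcpflags rst" rules in the posted config. With that
# config, a logged inbound TCP deny to one of these ports can only be an RST.
RST_DROP_PORTS = frozenset({50000, 50001})

def rst_sources(log_text, ports=RST_DROP_PORTS):
    """Return (per-source, per-local-port) Counters of dropped inbound RSTs."""
    by_src, by_port = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ipfw packet log line
        if (m["action"], m["proto"], m["dir"]) != ("Deny", "TCP", "in"):
            continue
        dport = int(m["dport"])
        if dport not in ports:
            continue  # denied by some other rule, not an RST drop
        by_src[m["src"]] += 1
        by_port[dport] += 1
    return by_src, by_port

def report(log_text):
    """Rows of (source IP, dropped RSTs, percent of all dropped RSTs), busiest first."""
    by_src, _ = rst_sources(log_text)
    total = sum(by_src.values())
    return [(ip, n, round(100.0 * n / total, 1)) for ip, n in by_src.most_common()]

if __name__ == "__main__":
    for ip, n, pct in report(SAMPLE_LOG):
        print(f"{ip:<16} {n:>4} RSTs dropped ({pct}%)")
```

An injected RST carries the remote peer's address as its source, so the tally shows which peer connections are being reset, not which device sent the packets.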
ezguy

Posts: 8
Registered: 07/03/08
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Nov 26, 2008 8:53 AM   in response to: ezguy
Hi Guys,

Thanks for the "Prefer UDP Connections". I tried and it worked as expected. RST% dropped significantly, my speed increased from 20-60Kbps to 120-150Kbps during peak hours. Well it works best with popular downloads as the sheer size of the swarm almost guarantees I get connected to most peers via UDP.

Thanks again guys!

cheers!
treefrog21

Posts: 1
Registered: 12/11/09
Re: Thwart Traffic shaping especially forged RST....is UDP a solution?
Posted: Dec 10, 2009 9:19 PM   in response to: ezguy
VUZE CHANGELOG
2009.09.xx | Vuze 4.2.0.9 CHANGE ... FEATURE: Core | Added a 'prefer UDP connections'

Tools-->Options-->Connection--><CheckBox> prefer UDP connections

This has alleviated Comcast traffic throttling for the moment. Woo Woo, down with the tyrant.

Details
Using straight TCP worked okay until all of a sudden my connection speeds would do this zig zag between something under 100kb and 0. Essentially they would jump up for half a second then zero out. This kept happening and once it started, it continued. Pretty sure it takes Comcast a little bit to identify and start killing your throughput. On UDP though I experience no interruptions and fairly stable connection speeds. My hashfails are still zero as well so I'm really digging it.